The follow Dynamic DNS domains are being abused in this attack, while they are not malicious in themselves they are abused so often that I would recommend blocking them anway:
dontexist.com
dvrdns.org
dynalias.org
gotdns.com
gotdns.org
gotdns.com
homeftp.net
mine.nu
podzone.net
selfip.biz
webhop.org
These sites appear to be legitimate, I cannot vouch for them being clean or not:
drachenschutzverein.de
rollenbeck.de
rollenbeck.eu
thefinalcut.eu
thefirstcut.de
triton-world.de
These sites are mostly flagged as malicious by Google, you can see some indicators of badness here and here:
004d28e2d38895c1245cab9b.dynalias.org
02b2b43ea1ba9bb9e72d3a69.selfip.biz
04e9e737a91bd31be2668861.mine.nu
08af1b8d55e2ba1f62732d85.gotdns.com
08ed70ff228cfd034f170d5a.mine.nu
0a935f252dd7c6a97658c956.dynalias.org
0c36d49d8ec82656db219bb5.dontexist.com
0ce19c234b42bfc3f5ae92cd.mine.nu
0ce54ec3d86cf07f5ac4640d.dontexist.com
101357ada1366203f8f3410e.podzone.net
10ffeb808d1a476d6ee06d2b.dontexist.com
11ec862e5fb9ec0762af7600.dynalias.org
128d4a163a90f543c259b1e5.mine.nu
1603db959a32f7b6f070e7b1.dontexist.com
166bb7f29be512bfc5d4c949.podzone.net
16b8286aab3437edeb846cf9.gotdns.com
17323cb4c3ff8ed8cbb0cf27.dvrdns.org
19329577e3905949b51c567c.dynalias.org
19941643733a38ef578bf12e.gotdns.org
1d26ff47b5aadad2d755979a.dvrdns.org
1d3beb9da9c09a58399e1d43.homeftp.net
1d946845b43b656d8f981e66.dynalias.org
1db064c3643e8c7cb6f89b54.gotdns.com
1f68faa21ae717bdda0536dc.dontexist.com
22c4daf753a7da024bf8b24e.mine.nu
250f1e3f1a2940aa4255deb5.dynalias.org
28d23e8ed4a6dfee2643ffce.dynalias.org
2e671f830928f031ff49f94c.dontexist.com
304ef8935293491f8259aebf.podzone.net
33409d12ccd5f348eb9e1d33.dontexist.com
33ab845252f3569c05a5ac70.dynalias.org
36a42ceaeee91822ecd84d1f.dynalias.org
37a9618442c3bd213d4877e2.gotdns.com
3896ca0bf37e183b734a6632.gotdns.org
3a009cd88f47dbd55a51ca0a.webhop.org
3b22c29409273c2ba45019e4.mine.nu
3cb79af7f0615a1eb638fd11.webhop.org
3e54c514284b705b4a6d8386.dynalias.org
3e91663455c489443d2ba75d.gotdns.com
3f80c8356bec83904a0a4b82.mine.nu
428836867237c5453a08da8e.webhop.org
43ea343452c7ac0f0846c988.podzone.net
448d3de8b830b70be22600bf.gotdns.com
44f32cf9971710b869a9e9c8.dontexist.com
47b10a4ab30e61e4b74aa661.gotdns.org
48e972108842e0d0c9e5fdf2.mine.nu
4916e2635dceb69776862390.dynalias.org
4a017cd6908b09d62c425718.selfip.biz
4c7e7dacb398c086c58d3faa.dynalias.org
4cac5eabb6a2214a81ad0760.selfip.biz
4e874edeea1e68fc792bdae2.gotdns.org
5328e9f6069f470758a00acc.dvrdns.org
549b11272b8a4b3095b0537e.dontexist.com
571ea1436338cc0d99eb8078.dynalias.org
58e74d65a3cc4fe035dbbda2.gotdns.com
5adde68d3bc12bb5e625cabb.homeftp.net
5c9d25cc7cd882479a609796.mine.nu
60a25d608e4a649e4af444e0.podzone.net
60e2af3686d06f21f3020026.homeftp.net
665b44722928d6bfbeaf988b.webhop.org
66bc311918791a6794866f50.dvrdns.org
67c97cbed3d264d19d8e5b27.dvrdns.org
6b2eb59711013d300e880d1c.dynalias.org
6b3c3cc0b4dd780c2fec2f6f.gotdns.com
6b52de135dc1495e89c0ab58.dontexist.com
6b60af16dc1d0e8ea821fdbc.gotdns.org
725a523df99960216bcfbffa.homeftp.net
73c5db9904cc52e4eace0764.webhop.org
779c26501c761d5e919a6624.homeftp.net
794b5ca01bb64c48754faf0c.dynalias.org
7e0a9746bba240206beb0fd0.homeftp.net
7e781346baa3a3bce70aa5bf.webhop.org
80cb766e88b70c906ecbefd3.dontexist.com
8140d66059dfec6425f71131.podzone.net
818644b1831c84e0798f9ee0.mine.nu
856990d5b0456a8ba9dbeb32.dontexist.com
88444afacffba122547670d1.mine.nu
8cd2b11586888ecb52ffd053.gotdns.com
8e3468104627c54bc068dd44.selfip.biz
8ec80631144f0fbc1eaa8f68.mine.nu
900139eaffbcd38018876df0.homeftp.net
90499263ca224ca95ff01024.webhop.org
909e65f061017672744285f3.dontexist.com
90d52c7d0c92f6ddacf68711.dontexist.com
910396ce5254bef0819e633d.selfip.biz
92afd94d55a6da9d1f519a7c.podzone.net
94488376b5d8d3f6c6a40bc5.webhop.org
95191465ad24aa061517253a.dynalias.org
95482702ed214a4b556619c6.selfip.biz
970fdfd18df4813f52d2472b.selfip.biz
9b212ac718b2e1235943adec.dynalias.org
9b4358c823382cbb4e82bf41.dontexist.com
9c850ba00e51786140490a36.mine.nu
9d2e959724edd7f66cec301e.selfip.biz
9eae6ea1c34249c042bf0037.podzone.net
a26f23656bab8dc4508eb5a2.mine.nu
a4c2b706b85923bb957823c2.mine.nu
a6197eccdfe18ef2ca06e48c.webhop.org
a798f98455df470c0b29b34f.mine.nu
a828fe5c598dc865e924fbb9.webhop.org
aae039e0629bd1614947f0f0.dynalias.org
ab690c910c49ad2bef9cce75.dynalias.org
b0a357b5735f902bdff042c1.podzone.net
b22d5de582060e586061f15b.homeftp.net
b66583b617d2d7b6a1dded9f.gotdns.com
b6e0134b7d7da747fe0c74e0.dynalias.org
b793df5e348aeb2c7dd5b7cc.podzone.net
ba028a028a38fcd8443e5c8f.dynalias.org
bb6e1f75f8fe369d7971ecdb.dynalias.org
bc1837ebe4d995b08079df38.mine.nu
bd7421fee539607f46f1f26a.dontexist.com
bdb7e7001bfbf6865e0e5fc7.dontexist.com
bf14f07423a53dc55ea35535.mine.nu
c1642b97da37c657a97bd848.mine.nu
c467917ae834519814e0d49a.dontexist.com
c58e1b1edc0e04195f01017a.dynalias.org
c6492763968289bebce065cf.gotdns.com
c8870d5fa9727a8d5fa2b5a8.gotdns.org
d1bfb154de06cbd381ef9751.mine.nu
d827f2ea240954322849260f.dynalias.org
d83c3de86bed61e7fb14d7b1.dynalias.org
dae7fb32afe3c0f9dc6d5ad2.mine.nu
db8c62855fb701cd676004e5.dynalias.org
dcbf23097800332e59ac4def.selfip.biz
dcc4374eda96873afb137b44.dynalias.org
dff3a271573578b6cc43c725.dontexist.com
e08bcee3f8586e0d3f3a8e31.gotdns.com
e119b0eb7fc7cb31bf64c66d.dvrdns.org
e2706818cafcdf67ea2552cb.gotdns.com
e64d445987e618bea6482938.podzone.net
eb3f72f1952b17acf62ee80d.selfip.biz
eb578347b30a518687364a9e.podzone.net
f0834c7ec0926ebe78029dc0.dynalias.org
f555bf015261100d38e0f2de.webhop.org
f5e647d0a9aa2dda4898fd2f.dynalias.org
f671629e0f16049db9ccd856.mine.nu
f777e097f711778ec22426a1.selfip.biz
fa0ccbcf1b5f74984a9530d7.mine.nu
fb857508b0c9cc35e3bab1e2.gotdns.org
fd7d46aa07ab0406560b4126.mine.nu
fd8c8f5b6a2867f79d1b8e71.gotdns.com
fe753d5f9ea4f311d1d14cc2.gotdns.com
fe8b7219896da7dbd4e28520.dynalias.org
ff5267331e22549fde4ca643.mine.nu
No comments:
Post a Comment